package com.websuites.webservice;

import java.util.Vector;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;

import com.websuites.utils.LogUtil;

import sun.security.x509.X500Name;

@SuppressWarnings("unchecked")
public class WSS4JTokenHandler extends AbstractHandler 
{
	public void invoke(MessageContext context) throws Exception 
	{
		Vector result = (Vector)context.getProperty(WSHandlerConstants.RECV_RESULTS);

		if (result == null) 
		{
			LogUtil.error("Client does not contain Security Header, need WSSJOutHandler");
			return;
		}

		for (int i = 0; i < result.size(); i++) 
		{
			WSHandlerResult res = (WSHandlerResult)result.get(i);
			for (int j = 0; j < res.getResults().size(); j++) 
			{
				WSSecurityEngineResult secRes = (WSSecurityEngineResult)res.getResults().get(j);
				int action = secRes.getAction();
				// USER TOKEN
				if ((action & WSConstants.UT) > 0) 
				{
					WSUsernameTokenPrincipal principal = (WSUsernameTokenPrincipal) secRes.getPrincipal();
					// Set user property to user from UT to allow response encryption
					context.setProperty(WSHandlerConstants.ENCRYPTION_USER, principal.getName());
					LogUtil.info("Client's Username: " + principal.getName() + " Client's Password: " + principal.getPassword());
				}
				// SIGNATURE
				if ((action & WSConstants.SIGN) > 0) 
				{
//					X509Certificate cert = secRes.getCertificate();
					X500Name principal = (X500Name) secRes.getPrincipal();
					// Do something whith cert
					LogUtil.info("Signature for : " + principal.getCommonName());
				}
			}
		}
		LogUtil.info("WSS4JTokenHandler Done!");
	}
}
